-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 23 Mar 2026 10:36:36 +0100
Source: libyaml-syck-perl
Architecture: source
Version: 1.34-1+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Perl Group <pkg-perl-maintainers@lists.alioth.debian.org>
Changed-By: Andrej Shadura <andrewsh@debian.org>
Changes:
libyaml-syck-perl (1.34-1+deb11u1) bullseye-security; urgency=medium
.
* Apply upstream patches for the following CVEs:
- CVE-2025-11683: Address memory corruption leading to 'str' value being
set on empty keys.
- CVE-2026-4177: Fix heap buffer overflow in the YAML emitter.
Checksums-Sha1:
090435039d03ed1b391618f80d0a2a63b3934b88 1592 libyaml-syck-perl_1.34-1+deb11u1.dsc
9148821ec2023c4d93f86514eef67d1ca64ce184 10092 libyaml-syck-perl_1.34-1+deb11u1.debian.tar.xz
007458608838da96a2227d03d1631684be60aeb7 5668 libyaml-syck-perl_1.34-1+deb11u1_source.buildinfo
Checksums-Sha256:
151f203c72bd70fd1c687783a345f9e502e029de3321486a035af479ad76bc90 1592 libyaml-syck-perl_1.34-1+deb11u1.dsc
ba653e58cde4781f91fde3cd6ca422077e713ee589c8856d364708014a1c09fc 10092 libyaml-syck-perl_1.34-1+deb11u1.debian.tar.xz
e36f63d79d5f039f41e1ade534e0eb0798443f978236d7f9b49e861b09a1bb64 5668 libyaml-syck-perl_1.34-1+deb11u1_source.buildinfo
Files:
f64e427e1ef76b1be8fbedfc5125e570 1592 perl optional libyaml-syck-perl_1.34-1+deb11u1.dsc
658eec6b067570480975df7b433343c1 10092 perl optional libyaml-syck-perl_1.34-1+deb11u1.debian.tar.xz
f9ae86d4d2a7aaff27c057dc19eb983c 5668 perl optional libyaml-syck-perl_1.34-1+deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYKAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCadfmawAKCRDoRGtKyMdy
YcCzAP9kNHD9Ds8tE7Y0ysAeVE6vKxf92d6B289KM9pA8eqbIgD/dLd9vkKDDqHn
Yu7xrnEhDmaH4wRXi2DA+f2pozZo+gE=
=piOm
-----END PGP SIGNATURE-----
